A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method, comprising: receiving, by a computing device and from a first device, endpoint information associated with an endpoint device connected to the first device in a network, the endpoint information comprising configuration settings of the first device for the endpoint device; receiving, by the computing device, device information associated with the endpoint device; determining, by the computing device, that the endpoint device comprises a particular type of device based on the device information; determining, by the computing device, that the endpoint device comprises a particular model of the particular type of device based on the endpoint information; and selecting a network functionality for providing to the endpoint device based on the endpoint device comprising the particular model of the particular type of device.
A computer system classifies unmanaged network devices to improve network location awareness. It receives endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receives general device information. The system determines the device type (e.g., printer) based on the device information and determines the specific model of that device using the endpoint information. Based on the identified device type and model, the system selects and applies appropriate network functionality (e.g., access privileges, firewall rules) tailored to that specific device.
2. The method of claim 1 , further comprising: selecting a further network functionality for providing to the endpoint device based on the device information.
In addition to the method described for claim 1, where a computer system classifies unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The system also selects a *second* network functionality based solely on the device information (device type), allowing for a broader classification-based network policy in addition to the model-specific one.
3. The method of claim 1 , where the selected network functionality includes one or more of: access privileges associated with the network, firewall privileges associated with the network, or authorization information associated with the network.
In addition to the method described for claim 1, where a computer system classifies unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The selected network functionality includes at least one of the following: specific network access privileges, specific firewall privileges (rules), or specific authorization information required to access the network.
4. The method of claim 1 , where the first device includes a host checking client for obtaining information associated with accessing the network.
In addition to the method described for claim 1, where a computer system classifies unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The managed device that the unmanaged device is connected to uses a host checking client to gather information about devices connecting to the network.
5. The method of claim 1 , where the endpoint device does not include a host checking client for obtaining information associated with accessing the network.
In addition to the method described for claim 1, where a computer system classifies unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The unmanaged endpoint device *does not* have a host checking client installed on it, making it difficult to identify through standard methods.
6. The method of claim 1 , where the computing device includes a network admission control (NAC) device; and where receiving the endpoint information includes: receiving endpoint integrity check information related to an endpoint integrity check performed by the first device and in connection with the endpoint device.
In addition to the method described for claim 1, where a computer system classifies unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The computing device is a Network Admission Control (NAC) device. The endpoint information includes the results of an endpoint integrity check performed by the managed device specifically on/for the unmanaged endpoint device.
7. A device, comprising: a processor to: receive, from a first device, endpoint information associated with an endpoint device connected to the first device in a network, the endpoint information comprising configuration settings of the first device for the endpoint device, receive device information associated with the endpoint device, determine that the endpoint device comprises a particular type of device based on the device information, determine that the endpoint device comprises a particular model of the particular type of device based on the endpoint information, select a network functionality for providing to the endpoint device based on the endpoint device comprising the particular model of the particular type of device, the endpoint device using the network functionality in conjunction with accessing the network.
A network device classifies unmanaged devices to improve network location awareness. The device's processor receives endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device. The processor determines the device type (e.g., printer) based on the device information, and determines the specific model using the endpoint information. Based on this, the processor selects appropriate network functionality for the unmanaged device to use when accessing the network.
8. The device of claim 7 , where the selected network functionality includes one or more of: access privileges associated with the network, firewall privileges associated with the network, or authorization information associated with the network.
In addition to the device described for claim 7, where a network device classifies unmanaged devices to improve network location awareness by receiving endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device to determine the device type (e.g., printer) and model to apply network functionality. The selected network functionality includes at least one of the following: specific network access privileges, specific firewall privileges (rules), or specific authorization information required to access the network.
9. The device of claim 7 , where the first device includes a host checking client that obtains information associated with accessing the network.
In addition to the device described for claim 7, where a network device classifies unmanaged devices to improve network location awareness by receiving endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device to determine the device type (e.g., printer) and model to apply network functionality. The managed device uses a host checking client to gather information about devices connecting to the network.
10. The device of claim 7 , where the endpoint device does not include a host checking client that obtains information associated with accessing the network.
In addition to the device described for claim 7, where a network device classifies unmanaged devices to improve network location awareness by receiving endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device to determine the device type (e.g., printer) and model to apply network functionality. The unmanaged endpoint device *does not* have a host checking client installed on it, making it difficult to identify through standard methods.
11. The device of claim 7 , where, when determining that the endpoint device comprises the particular type of device, the processor is to: determine that the endpoint device comprises a printer based on the device information.
In addition to the device described for claim 7, where a network device classifies unmanaged devices to improve network location awareness by receiving endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device to determine the device type (e.g., printer) and model to apply network functionality. The device determines that the unmanaged device is a printer based on the received device information.
12. The device of claim 7 , where, when obtaining the endpoint information, the processor is to: obtain configuration settings for a printer, and where, when determining that the endpoint device comprises the particular model of the particular type of device, the processor is further to: determine that the printer comprises a particular model printer based on the configuration settings.
In addition to the device described for claim 7, where a network device classifies unmanaged devices to improve network location awareness by receiving endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receives general device information about the unmanaged device to determine the device type (e.g., printer) and model to apply network functionality. The endpoint information includes configuration settings for a printer, and the device determines the specific printer model based on these configuration settings (e.g. driver version, supported protocols).
13. A non-transitory computer-readable medium storing executable computer instructions, the instructions configured to, in response to being executed, perform steps comprising: receiving, from a first device, endpoint information associated with an endpoint device connected to the first device in a network, the endpoint information comprising configuration settings of the first device for the endpoint device; receiving device information associated with the endpoint device; determining that the endpoint device comprises a particular type of device based on the device information; determining that the endpoint device comprises a particular model of the particular type of device based on the endpoint information; and selecting a network functionality for providing to the endpoint device based on the endpoint device comprising the particular model of the particular type of device.
A non-transitory computer-readable medium stores instructions that, when executed, classify unmanaged network devices to improve network location awareness. The instructions cause the system to receive endpoint information (configuration settings) from a managed device about a connected unmanaged device, and receive general device information about the unmanaged device. The system determines the device type (e.g., printer) based on the device information, and determines the specific model using the endpoint information. Based on this, the system selects appropriate network functionality for the unmanaged device.
14. The method of claim 13 , further comprising: selecting a further network functionality for providing to the endpoint device based on the device information.
In addition to the method described in claim 13, where instructions classify unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The instructions also cause the system to select a *second* network functionality based solely on the device information (device type), allowing for a broader classification-based network policy in addition to the model-specific one.
15. The method of claim 13 , where the selected network functionality includes one or more of: access privileges associated with the network, firewall privileges associated with the network, or authorization information associated with the network.
In addition to the method described in claim 13, where instructions classify unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The selected network functionality includes at least one of the following: specific network access privileges, specific firewall privileges (rules), or specific authorization information required to access the network.
16. The method of claim 13 , where the first device includes a host checking client for obtaining information associated with accessing the network.
In addition to the method described in claim 13, where instructions classify unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The managed device that the unmanaged device is connected to uses a host checking client to gather information about devices connecting to the network.
17. The method of claim 13 , where the endpoint device does not include a host checking client for obtaining information associated with accessing the network.
In addition to the method described in claim 13, where instructions classify unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The unmanaged endpoint device *does not* have a host checking client installed on it, making it difficult to identify through standard methods.
18. The method of claim 13 , where receiving the endpoint information includes: receiving endpoint integrity check information related to an endpoint integrity check performed by the first device and in connection with the endpoint device.
In addition to the method described in claim 13, where instructions classify unmanaged network devices to improve network location awareness by receiving endpoint information (configuration settings) of an unmanaged device connected to a managed device, and also receiving general device information to determine the device type (e.g., printer) and model to apply network functionality. The endpoint information includes the results of an endpoint integrity check performed by the managed device specifically on/for the unmanaged endpoint device.
19. A method, comprising: receiving, by a network admission control (“NAC”) device computing device and from a first device, endpoint integrity check information related to an endpoint integrity check performed by the first device in connection associated with an endpoint device connected to the first device in a network, the endpoint information comprising configuration settings of the first device for the endpoint device; receiving, by the NAC computing device, device information associated with the endpoint device; determining, by the NAC computing device, that the endpoint device comprises a particular type of device based on the device information; determining, by the NAC computing device, that the endpoint device comprises a particular model of the particular type of device based on the endpoint integrity check information; and selecting a network functionality for providing to the endpoint device based on the endpoint device comprising the particular model of the particular type of device; and providing the network functionality to the endpoint device.
A method uses a Network Admission Control (NAC) device to classify unmanaged network devices to improve network location awareness. The NAC receives endpoint integrity check information (configuration settings) from a managed device about an unmanaged device. It receives general device information about the unmanaged device. The NAC determines the device type based on the device information, and determines the specific model of the device based on the endpoint integrity check information. Based on this, the NAC selects appropriate network functionality for the unmanaged device and applies it to the device.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
May 22, 2015
March 21, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.